1. Field of the Invention
This invention is about the security key, security service device and security system, to which a Multi One-time Password is applied.
2. Description of the Related Art
In general, an access control system is installed to protect lives, properties and information at a specific place such as buildings, research institutes, factories, offices and other security areas, where approaching persons shall be under control.
In the traditional access control system, a person entering a door was authenticated by a password or access card, of which the information is inputted into an authentication terminal installed at the side of the door, and when the authentication was confirmed the door was opened.
The downside of the system was that the information leak of passwords could easily occur, and it was troublesome to input the password. On the other hand, the problem regarding an access card was that it could be duplicated with ease. In short, the problem of existing access control system is its security fragility.
In order to make up for such weak points, the Patent Registration No. 1086236 in Korea has released the access control system based on the multi one-time password. To put it concretely, the Patent Registration No. 1086236 has stipulated the stages of access control system, which include (a) the stage where the reading device authenticates the smart card primarily by using the card security key received from the smart card mounted on the mobile terminal equipment and the authentication security key received from the access control server, (b) the stage where the single-use password generated by the above mentioned access control server is transmitted to the mobile terminal unit after the success in the primary authentication, and (c) the stage where the secondary authentication of above mentioned smart card is carried out by using the single-use password generated by the above mentioned reading device and the single-use password of the card, which has been received from the card mentioned above.
The Patent Registration No. 1086236 has the merit that the security has been improved by using the One Time Password. However, the weak point of the Korean Patent No. 1086236 is that it is impossible to control the access to various security areas because the authentication is carried out by using a single OTP method. And also, in the case of Korean Patent No. 1086236, it is difficult to prevent a person, who has acquired a smart card lost by somebody else, from trespassing into a security area.